128 episodes

Digital Shadows' ShadowTalk discusses the latest threat intelligence and cybersecurity news with our panel of threat intelligence experts, security engineers, security researchers, and more.

ShadowTalk Threat Intelligence by Digital Shadows

    • Technology

    OurMine hacks FC Barcelona & Olympics twitter handles, Adsense email extortion, & phishing research

    Adam and Phil join Viktoria to ‘cause a storm’ on this week’s episode. But first - we get a rundown of the brand new Photon research blog this week around phishing from Harrison and Alex.

    This Week’s Agenda:
    1. New phishing ecosystem research we just dropped this week - check it out for some interesting new data findings: https://www.digitalshadows.com/blog-and-research/the-ecosystem-of-phishing/
    2. OurMine Hacks FC Barcelona and Olympics Twitter Handles
    3. Google AdSense Email Extortion Scam
    4. FBI IC3 Report

    Check out this week’s Intelligence Summary (INTSUM) at https://resources.digitalshadows.com/weekly-intelligence-summary

    If you’re headed to RSA Conference, don’t miss meeting the team! Stop by Booth 4617 or our Security Leaders Party Wednesday night!

    ***Resources From this Week***
    Phishing Research: https://www.digitalshadows.com/blog-and-research/the-ecosystem-of-phishing/

    RSA party registration: https://info.digitalshadows.com/RSASecurityLeadersParty2020.html?source=DS-team

    • 31 Min.
    yOurMine, Equifax Indictment, and SWIFT POC attack

    Roses are red, violets are blue, here’s our threat intel podcast, just for you!

    Kacey, Charles, Alex, and Harrison have a Valentine’s special for you all. This week the team covers:
    - OurMine hacks
    - The Equifax Indictment
    - SWIFT POC attack

    Get this week’s intelligence summary at https://resources.digitalshadows.com/weekly-intelligence-summary

    ***Resources from this Week***
    ACH paper: https://resources.digitalshadows.com/whitepapers-and-reports/applying-the-analysis-of-competing-hypotheses-to-the-cyber-domain

    • 29 Min.
    Threat Report ATT&CK Mapping (TRAM) With MITRE’s Sarah Yoder And Jackie Lasky

    Sarah Yoder and Jackie Lasky from MITRE join Rick Holland and Harrison Van Riper in this guest episode to talk through their tool, Threat Report ATT&CK Mapping (TRAM).

    Both Sarah and Jackie are Cyber Security Engineers at The MITRE Corporation and presented this new tool at the recent SANS CTI Summit.

    During the discussion, they talk through:
    - What brought them to MITRE
    - TRAM - what it is, goals that the project was designed to address, and how to get involved
    - Highlights and key takeaways from the SANS CTI Summit

    Huge thanks to Sarah and Jackie for joining!

    ***Resources From this Episode***
    Slides from SANS Session: https://www.sans.org/cyber-security-summit/archives/file/summit-archive-1579547257.pdf
    GitHub page: github.com/mitre-attack/tram
    Sarah’s Twitter: https://twitter.com/sarah__yoder

    • 26 Min.
    CTI Frameworks, Wawa Breach Updates, APT34, And Coronavirus Phishing Scams

    January was a looooong year. Anyone else? In this week’s episode, Jamie starts by talking about his recent blog, Cyber Threat Intelligence Frameworks, with 5 rules for integrating these frameworks within your organization.

    Viktoria and Jamie also discuss:
    - APT34, where Iranian hackers targeted U.S. Gov vendor, Westat
    - Wawa Breach Developments
    - Coronavirus Phishing Scams
    - Winnti Group targeting Hong Kong universities

    Check out this week’s intelligence summary at https://resources.digitalshadows.com/weekly-intelligence-summary

    ***Resources From this Week***
    Jamie’s CTI Blog: https://www.digitalshadows.com/blog-and-research/cyber-threat-intelligence-frameworks-5-rules-for-integrating-these-frameworks/

    • 17 Min.
    SANS CTI Summit, Snake Ransomware, CacheOut, And Citrix Vuln Update

    Rick Holland jumps in to kick-off this week’s episode to recap the 2020 SANS CTI Summit with Harrison.

    Then Harrison, Alex, Kacey, and Charles talk through other top stories of the week including:
    - Snake Malware
    - Competitions we’re seeing on Russian-language cybercriminal forums
    - Citrix Vulnerability Update
    - New ‘CacheOut’ Attack Targets Intel CPUs

    Rounding off the episode, the team shares their favorite infosec twitter post of the week to spice up the episode. Have a great week!

    ***Resources From this Week***
    - SANS CTI Summit Recap: https://www.digitalshadows.com/blog-and-research/sans-cyber-threat-intelligence-summit-2020-a-recap/
    - Competitions on Russian-language cybercriminal forums blog: https://www.digitalshadows.com/blog-and-research/competitions-on-russian-language-cybercriminal-forums-sharing-expertise-or-threat-actor-showboating/
    - Cyber Threat Intel Frameworks blog: https://www.digitalshadows.com/blog-and-research/cyber-threat-intelligence-frameworks-5-rules-for-integrating-these-frameworks/
    - CVE-2019-19781: Analyzing the Exploit: https://www.digitalshadows.com/blog-and-research/cve-2019-19781-analyzing-the-exploit/

    • 38 Min.
    Citrix Vulnerability, Microsoft Data Breach, and Telnet Credentials Published

    Following on from last week, Citrix released a first set of patches to fix a vulnerability (CVE-2019-19781) affecting the company’s NetScaler ADC Application Delivery Controller and its Citrix Gateway. Viktoria and Richard Gold discuss how organizations can mitigate the risk.

    Adam and Phil then join Viktoria to discuss other top stories of the week including 250 million Microsoft customer service and support records exposed on the web. The team also discusses a story where a list of Telnet credentials for more than 515,000 servers, home routers, and IoT devices was published on a hacking forum last week and how this story demonstrates the risk posed when threat actors are able to compromise large collections of IoT devices.

    ***Resources from this week***
    Charles’ Blog: https://www.digitalshadows.com/blog-and-research/cve-2019-19781-analyzing-the-exploit/

    Weekly Intelligence Summary: https://resources.digitalshadows.com/weekly-intelligence-summary/weekly-intelligence-summary-24-jan-2020

    • 31 Min.
